PT-2018-10043 · Ilias Open Source E Learning Platform · Ilias
Lnobodyl
·
Publicado
2018-05-02
·
Atualizado
2018-06-07
·
CVE-2018-10665
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ILIAS version 5.3.4
Description
The issue is related to an XSS vulnerability due to unsanitized output of
PHP SELF, specifically affecting files such as shib logout.php and certain third-party demo files.Recommendations
For ILIAS version 5.3.4, update to a version that addresses this issue, as using unsanitized output of
PHP SELF can lead to security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ilias